From 68b042febd888984b5fc2b4e850543bdd6936d3c Mon Sep 17 00:00:00 2001
From: Brian DeHamer <bdehamer@github.com>
Date: Mon, 26 Feb 2024 11:32:45 -0800
Subject: [PATCH] fix permissions for release workflow

Signed-off-by: Brian DeHamer <bdehamer@github.com>
---
 .github/workflows/releases.yml | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/.github/workflows/releases.yml b/.github/workflows/releases.yml
index 5e70163e..3f69cb63 100644
--- a/.github/workflows/releases.yml
+++ b/.github/workflows/releases.yml
@@ -5,7 +5,7 @@ on:
     inputs:
       package:
         required: true
-        description: 'core, artifact, cache, exec, github, glob, http-client, io, tool-cache'
+        description: 'core, artifact, cache, exec, github, glob, http-client, io, tool-cache, attest'
 
 jobs:
   test:
@@ -49,6 +49,9 @@ jobs:
     runs-on: macos-latest
     needs: test
     environment: npm-publish
+    permissions:
+      contents: read
+      id-token: write
     steps:
 
       - name: download artifact